.svg)
Zepp Health attaches great importance to security issues and welcomes all security researchers to report potential security vulnerabilities to us to improve the security of our smartwatches and IoT devices (software, hardware, firmware).
Monitor and assign received vulnerabilities in a timely manner
Verify the vulnerability and confirm the exploitability and impact
Provide effective fix solutions or risk remediation measures
Investigate and confirm the complete scope of affected products
Review and publish the security advisory for the security vulnerability
Mailbox
You can report discovered security vulnerabilities to sec@zepp.com. Your report contains at least the following information:
- Your organization and contact information.
- Products and versions affected.
- Description of the potential vulnerability.
- Information about known exploits.
- Disclosure plans.
- Additional information.
Attention
Although Zepp Health encourages investigation of potential security breaches, Zepp Health cannot tolerate any activity that may interfere with legitimate users or may violate applicable computer abuse, cybersecurity and data protection regulations. Therefore, the following activities are prohibited: Modification or destruction of data; Service disruption or degradation, such as DoS; Disclosure of personal, proprietary or financial information.
Response
Time
Zepp Health will respond within 48 hours to the vulnerabilities you submit.
Note: Actual vulnerability response time may vary depending on the risk level and complexity of the vulnerability.
